28 matches found
CVE-2026-13545
CVE-2026-13545 affects D-Link DCS-935L 1.10.01. The vulnerability is in the function sub_400E40 of setconf.cgi (POST Parameter Handler); manipulating the UID argument enables an OS command injection. The attack can be launched remotely, and the exploit has been disclosed publicly. CVSS metrics in...
EUVD-2026-40045
A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed ...
CVE-2026-12174
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...
CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...
EUVD-2026-36654
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...
CVE-2026-12174 D-Link DCS-935L HTTP rhea snprintf format string
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...
CVE-2026-12174
CVE-2026-12174 affects D-Link DCS-935L firmware 1.10.01. The vulnerability is in the HTTP Handler’s function snprintf used by /web/cgi-bin/greece/rhea, allowing format-string manipulation. This can enable a remote attacker to exploit the flaw; public exploits have been disclosed. The available do...
PT-2026-49083
Name of the Vulnerable Software and Affected Versions D-Link DCS-935L version 1.10.01 Description A format string issue exists in the HTTP Handler component within the file '/web/cgi-bin/greece/rhea'. The problem occurs in the snprintf function when the data argument is manipulated, allowing a...
cve-database
Vulnerability Report: Format String Vulnerability in D-Link DC...
CVE-2026-8260
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
Exploit for CVE-2026-8260
CVE-2026-8260 Overview A buffer overflow vulnerability af...
EUVD-2026-29016
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
CVE-2026-8260
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
CVE-2026-8260 D-Link DCS-935L HNAP Service hnap_service SetDeviceSettings buffer overflow
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
CVE-2026-8260
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
CVE-2026-8260 D-Link DCS-935L HNAP Service hnap_service SetDeviceSettings buffer overflow
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnapservice of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. The attack can be executed remotel...
CVE-2026-8260
Technical details about CVE-2026-8260 are not publicly available in the provided documents. Monitor for updates from official advisories. The initial description states the vulnerability exists in D-Link DCS-935L HNAP service SetDeviceSettings buffer overflow.
D-Link DCS-935L 缓冲区错误漏洞
The D-Link DCS-935L is a router produced by D-Link Corporation. Versions of the D-Link DCS-935L prior to 1.10.01 contain a buffer error vulnerability. This vulnerability stems from the operation of the AdminPassword parameter in the SetDeviceSettings function within the HNAP Service component,...
PT-2026-39536
Name of the Vulnerable Software and Affected Versions D-Link DCS-935L versions prior to 1.10.01 Description A buffer overflow can be triggered remotely via the HNAP Service. The issue exists in the SetDeviceSettings function within the '/web/cgi-bin/hnap/hnap service' endpoint when manipulating t...
EUVD-2025-30398
Malicious code in bioql PyPI...